incase of a malicious operartor no fee will be claimed

Summary

the claimfee function in market.sol claims any accrued fees, fees include: protocol, oracle, risk, donation, and claimable however the function is restricted to be only called by the operator this can be problematic since it is also mentioned in the documentation that there's a possibility of a malicious operator incase of a malicious operator no protocol, oracle, risk, donation, and claimable fee will be claimed

Root Cause

https://github.com/sherlock-audit/2024-08-perennial-v2-update-3/blob/main/perennial-v2/packages/perennial/contracts/Market.sol#L292

Internal pre-conditions

No response

External pre-conditions

No response

Attack Path

No response

Impact

protocol wont be able to collect any fee

PoC

No response

Mitigation

allow both the owner and operator to collect accrued fees

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

075.md

075.md

incase of a malicious operartor no fee will be claimed

Summary

Root Cause

Internal pre-conditions

External pre-conditions

Attack Path

Impact

PoC

Mitigation

Files

075.md

Latest commit

History

075.md

File metadata and controls

incase of a malicious operartor no fee will be claimed

Summary

Root Cause

Internal pre-conditions

External pre-conditions

Attack Path

Impact

PoC

Mitigation